From 2267f1f2ece1402592b88980598bc0094012721e Mon Sep 17 00:00:00 2001 From: anurampalli Date: Wed, 8 Oct 2025 10:28:11 +1100 Subject: [PATCH 1/4] Scripted REST API to create ... ...incidents in the correct domain --- .../DomainSeperation/README.md | 147 ++++++++++++++++++ .../DomainSeperation/create.js | 98 ++++++++++++ 2 files changed, 245 insertions(+) create mode 100644 Integration/Scripted REST Api/DomainSeperation/README.md create mode 100644 Integration/Scripted REST Api/DomainSeperation/create.js diff --git a/Integration/Scripted REST Api/DomainSeperation/README.md b/Integration/Scripted REST Api/DomainSeperation/README.md new file mode 100644 index 0000000000..1d500fd85c --- /dev/null +++ b/Integration/Scripted REST Api/DomainSeperation/README.md @@ -0,0 +1,147 @@ +--- +# PR Description: + +This pull request adds a Scripted REST API for ServiceNow that creates Incident records in the domain and company of the authenticated user. The API was developed as part of a Hacktoberfest 2025 contribution and is intended for educational and demonstration purposes. The `create` method ensures incidents are scoped to the user's domain, supporting multi-tenancy and domain separation best practices. +--- + +# Pull Request Checklist + +## Overview + +- [x] I have read and understood the [CONTRIBUTING.md](CONTRIBUTING.md) guidelines +- [x] My pull request has a descriptive title that accurately reflects the changes +- [x] I've included only files relevant to the changes described in the PR title and description +- [x] I've created a new branch in my forked repository for this contribution + +## Code Quality + +- [x] My code is relevant to ServiceNow developers +- [x] My code snippets expand meaningfully on official ServiceNow documentation (if applicable) +- [x] I've disclosed use of ES2021 features (if applicable) +- [x] I've tested my code snippets in a ServiceNow environment (where possible) + +## Repository Structure Compliance + +- [x] I've placed my code snippet(s) in one of the required top-level categories: + - `Server-Side Components/` +- [x] I've used appropriate sub-categories within the top-level categories +- [x] Each code snippet has its own folder with a descriptive name + +## Documentation + +- [x] I've included a README.md file for each code snippet +- [x] The README.md includes: + - [x] Description of the code snippet functionality + - [x] Usage instructions or examples + - [x] Any prerequisites or dependencies + - [x] (Optional) Screenshots or diagrams if helpful + +## Restrictions + +- [x] My PR does not include XML exports of ServiceNow records +- [x] My PR does not contain sensitive information (passwords, API keys, tokens) +- [x] My PR does not include changes that fall outside the described scope + +--- + +````markdown +# ๐ŸŽƒ Hacktoberfest 2025 Contribution: ServiceNow Scripted REST API + +## Overview + +This repository contains a **Scripted REST API** developed for **ServiceNow** as part of a Hacktoberfest 2025 contribution. The API allows authenticated users to create new **Incident** records within their own domain and company context. + +> **DISCLAIMER** +> This script was developed and tested on a **ServiceNow Personal Developer Instance (PDI)**. +> It is intended for **educational and demonstration purposes only**. +> Please **test thoroughly in a dedicated development environment** before deploying to production. + +--- + +## Features + +- Creates a new Incident record for the currently logged-in user. +- Automatically assigns the user's domain and company to the incident. +- Returns the generated incident number and domain in the response. + +--- + +## Script Details + +- **Author**: Anasuya Rampalli ([anurampalli](https://github.com/anurampalli)) +- **Version**: 1.0 +- **Date**: 2025-10-08 +- **Context**: Scripted REST API (`create` function) +- **Tested On**: ServiceNow Personal Developer Instance (PDI) + +--- + +## ๐Ÿ“ฅ Expected Request Format + +```json +POST /api/your_namespace/your_endpoint +Content-Type: application/json + +{ + "short_description": "Issue description text" +} +``` +```` + +--- + +## Response Examples + +### Success + +```json +{ + "status": "success", + "incident_id": "INC0012345", + "domain": "TOP/Child Domain" +} +``` + +### Error + +```json +{ + "error": { + "message": "User Not Authenticated", + "detail": "Required to provide Auth information" + }, + "status": "failure" +} +``` + +--- + +## ๐Ÿ“š How It Works + +1. Extracts the `short_description` from the incoming JSON payload. +2. Identifies the authenticated user via `gs.getUserID()`. +3. Retrieves the user's domain and company using `sys_user`. +4. Creates a new `incident` record with the user's domain, company, and description. +5. Returns the incident number and domain in the response. + +--- + +## ๐Ÿงช Testing Tips + +- Use a valid ServiceNow PDI with Scripted REST API enabled. +- Ensure the user is authenticated before making requests. +- Check the `incident` table for newly created records. + +--- + +## ๐Ÿค Contributing + +Pull requests are welcome! If you'd like to improve this script or adapt it for other use cases, feel free to fork and submit your changes. + +--- + +## ๐Ÿ“„ License + +This project is open-source and available under the [MIT License](LICENSE). + +--- diff --git a/Integration/Scripted REST Api/DomainSeperation/create.js b/Integration/Scripted REST Api/DomainSeperation/create.js new file mode 100644 index 0000000000..1de566ff9a --- /dev/null +++ b/Integration/Scripted REST Api/DomainSeperation/create.js @@ -0,0 +1,98 @@ +/** + * ----------------------------------------------------------------------------- + * Hacktoberfest Contribution - ServiceNow Scripted REST API + * ----------------------------------------------------------------------------- + * DISCLAIMER: + * This script was developed and tested on a **ServiceNow Personal Developer Instance (PDI)** + * as part of a Hacktoberfest contribution. + * + * It is provided for **educational and demonstration purposes only**. + * Please thoroughly **test in a dedicated development environment** + * before deploying to production. + * + * ----------------------------------------------------------------------------- + * Script Purpose: + * Creates a new Incident record under the same domain and company as the + * currently logged-in user. Returns the generated incident number and domain. + * ----------------------------------------------------------------------------- + * + * @author Anasuya Rampalli (anurampalli) + * @version 1.0 + * @date 2025-10-08 + * @tested On ServiceNow PDI (Personal Developer Instance) + * @context Scripted REST API (process function) + */ + +/** + * Processes the incoming REST API request and creates an Incident + * for the authenticated user within their domain. + * + * @param {RESTAPIRequest} request - The incoming REST API request object containing JSON payload. + * @param {RESTAPIResponse} response - The response object used to send results back to the client. + * + * Expected JSON Body: + * { + * "short_description": "Issue description text" + * } + * + * Response Example (Success): + * { + * "status": "success", + * "incident_id": "INC0012345", + * "domain": "TOP/Child Domain" + * } + * + * Response Example (Error): + * { + * "error": { + * "message": "User Not Authenticated", + * "detail": "Required to provide Auth information" + * }, + * "status": "failure" + * } + */ +(function process(/*RESTAPIRequest*/ request, /*RESTAPIResponse*/ response) { + var body = request.body.data; + var companyName = body.company; + var shortDesc = body.short_description; + //gs.info(gs.getUserID()); + var userSysId = gs.getUserID(); + var result = {}; + + try { + // looup user + var grUser = new GlideRecord("sys_user"); + grUser.addQuery("sys_id", userSysId.toString()); + grUser.query(); + if (grUser.next()) { + var domain = grUser.sys_domain; + // Create new incident + var grIncident = new GlideRecord("incident"); + grIncident.initialize(); + grIncident.short_description = shortDesc; + grIncident.caller_id = userSysId; + gs.info("COMPANY: " + grUser.company.getDisplayValue()); + grIncident.company = grUser.company; + grIncident.sys_domain = grUser.sys_domain; // domain reference comes from core_company + grIncident.insert(); + + let correlationId = grIncident.number; + gs.info( + "Domain Indcident API: inserted incident number: " + correlationId + ); + result.status = "success"; + result.incident_id = correlationId; + result.domain = grUser.sys_domain.getDisplayValue(); + } else { + response.setStatus(404); + result.status = "error"; + result.message = "User not found: " + companyName; + } + } catch (e) { + response.setStatus(500); + result.status = "error"; + result.message = e.message; + } + + response.setBody(result); +})(request, response); From 8184c4357a4266423388991461d9583c64ec3d83 Mon Sep 17 00:00:00 2001 From: anurampalli Date: Wed, 8 Oct 2025 12:21:56 +1100 Subject: [PATCH 2/4] Update README.md Removed 1. Reference to Hacktoberfest 2. Removed PR Checklist which I included accidentally 3. Removed License information. --- .../DomainSeperation/README.md | 61 ++----------------- 1 file changed, 4 insertions(+), 57 deletions(-) diff --git a/Integration/Scripted REST Api/DomainSeperation/README.md b/Integration/Scripted REST Api/DomainSeperation/README.md index 1d500fd85c..c73cf18444 100644 --- a/Integration/Scripted REST Api/DomainSeperation/README.md +++ b/Integration/Scripted REST Api/DomainSeperation/README.md @@ -4,48 +4,7 @@ This pull request adds a Scripted REST API for ServiceNow that creates Incident records in the domain and company of the authenticated user. The API was developed as part of a Hacktoberfest 2025 contribution and is intended for educational and demonstration purposes. The `create` method ensures incidents are scoped to the user's domain, supporting multi-tenancy and domain separation best practices. --- -# Pull Request Checklist - -## Overview - -- [x] I have read and understood the [CONTRIBUTING.md](CONTRIBUTING.md) guidelines -- [x] My pull request has a descriptive title that accurately reflects the changes -- [x] I've included only files relevant to the changes described in the PR title and description -- [x] I've created a new branch in my forked repository for this contribution - -## Code Quality - -- [x] My code is relevant to ServiceNow developers -- [x] My code snippets expand meaningfully on official ServiceNow documentation (if applicable) -- [x] I've disclosed use of ES2021 features (if applicable) -- [x] I've tested my code snippets in a ServiceNow environment (where possible) - -## Repository Structure Compliance - -- [x] I've placed my code snippet(s) in one of the required top-level categories: - - `Server-Side Components/` -- [x] I've used appropriate sub-categories within the top-level categories -- [x] Each code snippet has its own folder with a descriptive name - -## Documentation - -- [x] I've included a README.md file for each code snippet -- [x] The README.md includes: - - [x] Description of the code snippet functionality - - [x] Usage instructions or examples - - [x] Any prerequisites or dependencies - - [x] (Optional) Screenshots or diagrams if helpful - -## Restrictions - -- [x] My PR does not include XML exports of ServiceNow records -- [x] My PR does not contain sensitive information (passwords, API keys, tokens) -- [x] My PR does not include changes that fall outside the described scope - ---- - -````markdown -# ๐ŸŽƒ Hacktoberfest 2025 Contribution: ServiceNow Scripted REST API +# ServiceNow Scripted REST API for creating incdents in the correct company/domain ## Overview @@ -76,7 +35,7 @@ This repository contains a **Scripted REST API** developed for **ServiceNow** as --- -## ๐Ÿ“ฅ Expected Request Format +## Expected Request Format ```json POST /api/your_namespace/your_endpoint @@ -116,7 +75,7 @@ Content-Type: application/json --- -## ๐Ÿ“š How It Works +## How It Works 1. Extracts the `short_description` from the incoming JSON payload. 2. Identifies the authenticated user via `gs.getUserID()`. @@ -126,22 +85,10 @@ Content-Type: application/json --- -## ๐Ÿงช Testing Tips +## Testing Tips - Use a valid ServiceNow PDI with Scripted REST API enabled. - Ensure the user is authenticated before making requests. - Check the `incident` table for newly created records. --- - -## ๐Ÿค Contributing - -Pull requests are welcome! If you'd like to improve this script or adapt it for other use cases, feel free to fork and submit your changes. - ---- - -## ๐Ÿ“„ License - -This project is open-source and available under the [MIT License](LICENSE). - ---- From 1be2332d2e243282497c580667367b5fc96ee43b Mon Sep 17 00:00:00 2001 From: anurampalli Date: Wed, 8 Oct 2025 12:29:55 +1100 Subject: [PATCH 3/4] Update create.js removed reference to Hacktoberfest --- Integration/Scripted REST Api/DomainSeperation/create.js | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/Integration/Scripted REST Api/DomainSeperation/create.js b/Integration/Scripted REST Api/DomainSeperation/create.js index 1de566ff9a..c3ec7e62a4 100644 --- a/Integration/Scripted REST Api/DomainSeperation/create.js +++ b/Integration/Scripted REST Api/DomainSeperation/create.js @@ -1,12 +1,6 @@ /** - * ----------------------------------------------------------------------------- - * Hacktoberfest Contribution - ServiceNow Scripted REST API - * ----------------------------------------------------------------------------- - * DISCLAIMER: - * This script was developed and tested on a **ServiceNow Personal Developer Instance (PDI)** - * as part of a Hacktoberfest contribution. * - * It is provided for **educational and demonstration purposes only**. + * This script is provided for **educational and demonstration purposes only**. * Please thoroughly **test in a dedicated development environment** * before deploying to production. * @@ -96,3 +90,4 @@ response.setBody(result); })(request, response); + From afc91da37cf3c9dbeda76ce1b5457a0af80775d0 Mon Sep 17 00:00:00 2001 From: anurampalli Date: Wed, 8 Oct 2025 12:34:02 +1100 Subject: [PATCH 4/4] Update README.md 1. Removed all references to Hacktober fest 2. Removed PR Template 3. Added Prerequisites & Dependencies --- .../DomainSeperation/README.md | 41 +++++++++++++++---- 1 file changed, 33 insertions(+), 8 deletions(-) diff --git a/Integration/Scripted REST Api/DomainSeperation/README.md b/Integration/Scripted REST Api/DomainSeperation/README.md index c73cf18444..7c93b75a92 100644 --- a/Integration/Scripted REST Api/DomainSeperation/README.md +++ b/Integration/Scripted REST Api/DomainSeperation/README.md @@ -1,14 +1,8 @@ ---- -# PR Description: - -This pull request adds a Scripted REST API for ServiceNow that creates Incident records in the domain and company of the authenticated user. The API was developed as part of a Hacktoberfest 2025 contribution and is intended for educational and demonstration purposes. The `create` method ensures incidents are scoped to the user's domain, supporting multi-tenancy and domain separation best practices. ---- - # ServiceNow Scripted REST API for creating incdents in the correct company/domain ## Overview -This repository contains a **Scripted REST API** developed for **ServiceNow** as part of a Hacktoberfest 2025 contribution. The API allows authenticated users to create new **Incident** records within their own domain and company context. +The API allows authenticated users to create new **Incident** records within their own domain and company context. > **DISCLAIMER** > This script was developed and tested on a **ServiceNow Personal Developer Instance (PDI)**. @@ -25,7 +19,37 @@ This repository contains a **Scripted REST API** developed for **ServiceNow** as --- -## Script Details +## Prerequisites & Dependencies + +Before using or testing this Scripted REST API, ensure the following conditions are met: + +1. **Domain Separation Plugin** + + - The **Domain Separation** plugin must be activated on your instance. + - This enables `sys_domain` references and ensures incidents are created within the correct domain context. + +2. **Core Data Setup** + + - Ensure valid entries exist in the **core_company** table. + - Each company should have an associated **domain** record in the **sys_domain** table. + - These relationships are critical for correct domain assignment during incident creation. + +3. **User Configuration** + + - The user invoking this API must: + - Belong to a specific domain. + - Have the **snc_platform_rest_api_access** role to access Scripted REST APIs. + - Users must also have ACL permissions to: + - **Read** from the `sys_user` table. + - **Insert** into the `incident` table. + +4. **Instance Configuration** + - Tested and validated on a **ServiceNow Personal Developer Instance (PDI)**. + - Other environments should be configured with equivalent domain and company data for consistent results. + +--- + +## Information - **Author**: Anasuya Rampalli ([anurampalli](https://github.com/anurampalli)) - **Version**: 1.0 @@ -92,3 +116,4 @@ Content-Type: application/json - Check the `incident` table for newly created records. --- +